Comments (5)
How about Apache 2? I'm happy for anyone to use it however they would like. I keep meaning to get back to this, but it's at something of a crossroads. Fully implementing the spec requires validating signatures which is difficult it go because there isn't a DOM implementation or canonicalization available. I either have to write some of that or drop down to a C library. I can't make up my mind on how to proceed.
from lite-idp.
Apache 2 is great...
I must admit I barely know SAML, but I doubt it uses any crypto algorithms that aren't readily available for go... But I'm sure the XML parts are unpleasant..
(also can't really find a solid ldap things for golang, but that's probably less relevant)
Update: I'm wrong, there is LDAP libs like githib.com/nmcclain/ldap
from lite-idp.
I'd probably use https://github.com/go-ldap/ldap. It's included in Red Hat's OpenShift project, and I it authenticates against LDAP nicely.
You talked me into keeping everything in Go. I don't really need to support XML signature validation if I require 2-way SSL for artifact resolution requests.
from lite-idp.
I'm curious (and new to go) but I can't imagine that there isn't some decent XML libs for go..
Or what was it you were considering to use a c library for?
from lite-idp.
The same XML data can be represented multiple ways due to namespaces,
whitespace, etc. Prior to verifying or applying a digital signature, the
XML must be normalized through a process called canonization. I was able to
due this in go for signatures because the XML it produces is very
consistent. It is much more difficult to do in general for incoming
requests.
I can ensure the same level of security if data is transported over HTTPS
with client certificates and avoid verifying signatures.
On Jan 29, 2016 3:53 AM, "Jonas Finnemann Jensen" [email protected]
wrote:
I'm curious (and new to go) but I can't imagine that there isn't some
decent XML libs for go..Or what was it you were considering to use a c library for?
—
Reply to this email directly or view it on GitHub
#3 (comment).
from lite-idp.
Related Issues (12)
- SP clustering support
- Config sample HOT 9
- panic: runtime error: invalid memory address or nil pointer dereference HOT 1
- undefined: bigcache.EntryNotFoundError HOT 1
- Security: XSS Issue in demo UI HOT 1
- Cannot generate certs HOT 1
- unsupported signature algorithm error HOT 2
- how to configure a sp? HOT 1
- Documentation HOT 2
- Tagging docker images HOT 1
- Client Certificate is requested HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lite-idp.